CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
In Pipecat, from version 0.0.90 to before version 1.2.0, a path traversal vulnerability exists in the development runner. This allows an attacker to access files that the pipecat process has permissions for through a single unauthenticated HTTP request.
Vulnerability in JsonPulsarHeaderMapper in Spring for Apache Pulsar where type header matching against trusted packages used a prefix check, meaning trusting any package implicitly trusted all its subpackages. Additionally, an empty trusted-packages configuration fell back to trusting all packages instead of applying a safe default allow-list.
A vulnerability in Spring for Apache Kafka allows arbitrary JDK type deserialization via crafted message headers. JsonKafkaHeaderMapper and the deprecated DefaultKafkaHeaderMapper match trusted packages using a prefix check, enabling bypass of security restrictions.
Spring Data REST is vulnerable to SpEL expression injection through map-typed properties when processing JSON Patch requests. The map key is embedded directly into a SpEL expression without sanitization or validation.
A vulnerability in Spring Data REST's JSON Patch (application/json-patch+json) implementation fails to apply the write-access filter to intermediate path segments when resolving a multi-segment JSON Pointer. This allows an attacker to bypass access controls and modify resources they should not have write access to.
A SpEL injection vulnerability in Spring Data MongoDB occurs during parameter binding in @Query annotated repository methods using a capture-all placeholder. Attackers can inject malicious SpEL expressions, potentially leading to remote code execution or data compromise.
Spring Data's internal property-lookup cache accepts and permanently retains attacker-supplied strings as cache keys, allowing heap exhaustion through repeated requests.
Spring Data Commons applications may be vulnerable to denial of service through resource exhaustion when attacker-controlled property path strings are passed to MappingContext property path resolution.
An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters.
A vulnerability in Spring Security allows an attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository (saml2_asserting_party_metadata) to store malicious serialized payloads in the columns containing the collection of verification or encryption credentials (verification_credentials and encryption_credentials, respectively).
An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a denial of service by way of an unbounded writer that inflates the compressed SAML payload into memory.
The $_internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document diff containing a malformed binary diff, potentially leading to memory out-of-bounds or crashing the server.
When OIDC authentication is enabled, clients may set specific values in the 'mechanism' parameter of the 'authenticate' command that lead to server crash. The 'authenticate' command is accessible to unauthenticated clients, resulting in pre-auth denial-of-service in affected product configurations.
A vulnerability in MongoDB Server's BSON validation logic allows an unauthenticated user to crash the mongod process by sending a specially crafted message. The BSON validator's handling of certain nested binary data structures permits uncontrolled mutual recursion between validation functions.
SQLFluff is a modular SQL linter and auto-formatter that prior to version 4.2.0 had a vulnerability allowing untrusted users to submit malicious long SQL queries. This could lead to a Denial of Service attack through resource exhaustion.
SQLFluff is a modular SQL linter and auto-formatter that prior to version 4.1.0 had a vulnerability allowing untrusted users to submit malicious SQL queries. Such queries could lead to Denial of Service through resource exhaustion.
CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition.
CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition.
CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition.
Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

